How do these fake Google ads work? How to protect yourself from it?
Ads can be annoying, but that’s the reason Google doesn’t charge you every time you search for something there. Sometimes it can even be useful: if you’re looking for a specific product and Google ads show you that site as the first result, you can quickly get to where you want to go. Lately, however, you’d better avoid the kind of ads that Google puts in your way: researchers have found fake ads on the platform that look completely legitimate at first glance.
How These Fake Google Ads Work
This practice is called “malicious advertising”: attackers plant false advertisements with malware in the hope that users will find their ads legitimate. You might think everything is fine down to the site URL, but when you click on it, you get a scam and not the site you were expecting to visit.
Malwarebytes Threat Intelligence first discovered this issue in a fake Google ad on Twitter last month. They did a Google search for “YouTube,” a simple query that usually offers a link to a video service. However, instead of offering the standard YouTube link at the top of search results, Google shows ads for the site.
At first glance, this ad seems quite innocent, especially since the URL is correct (https://www.youtube.com). Why doesn’t the link lead to YouTube? When clicked, however, something happens: a warning from Windows Defender claims that the site is blocked due to suspicious activity, citing a problem with Trojan-type spyware, and advises contacting “tech support”to resolve the problem.
This warning is not from Windows Defender and this “tech support”is not legal. According to BleepingComputer, if you contact this tech support, they will ask you to download TeamViewer on your computer in order to remotely fix the problem for you. Since TeamViewer is software that allows a third party to take control of your computer, it’s safe to say that the person on the other end is using the software against you, whether to take you away from your computer and demand a ransom or to steal your personal data.
At the time of this writing, a Google search on YouTube does not return this malicious ad, or any other ad for that matter. At least that exact issue has been fixed, but that doesn’t mean all those fake ads are gone. In any Google search, the ads that appear above the results can be dangerous and users cannot identify them without clicking on them.
How to Protect Yourself from These Fake Google Ads
Your best option is to avoid all Google ads. Actually it’s not a big problem. And these are all advertisements that Google will not be able to use to track your interests.
If you need to click on an ad, try to notice some signs: if you look at a Malwarebytes tweet, the results will appear in the “YouTube – official site”section. The normal result for YouTube will only show his name. Also, the text below the title looks weird, like it’s taken from a YouTube video description. The actual result does not do this, instead offering a brief overview of YouTube as a platform.
Of course, if the hackers manage to create really convincing ads, the last resort is this: if the ad takes you anywhere other than the site you want to visit, close the window. Do not follow the instructions from any warning, do not install any software. Clicking on the ad itself will certainly not do anything to your computer, but it will install malware or allow a third party to access your computer through a program like TeamViewer.
🚨 We have detected a major malware campaign using Google Ads.
➡️ Follow our full report on this campaign. pic.twitter.com/VzAdtgVR3q
— Malwarebytes Threat Intelligence (@MBThreatIntel) July 20, 2022